@hypequery/serve 0.2.0 → 0.3.0

package/dist/adapters/node.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"node.d.ts","sourceRoot":"","sources":["../../src/adapters/node.ts"],"names":[],"mappings":"AAAA,OAAO,EAAgB,KAAK,eAAe,EAAE,KAAK,cAAc,EAAE,MAAM,MAAM,CAAC;AAG/E,OAAO,KAAK,EAEV,YAAY,EAGZ,kBAAkB,EACnB,MAAM,aAAa,CAAC;AAqHrB,eAAO,MAAM,iBAAiB,GAC5B,SAAS,YAAY,EACrB,UAAS,kBAAuB,MAKlB,KAAK,eAAe,EAAE,KAAK,cAAc,kBAmCxD,CAAC;AAEF,eAAO,MAAM,eAAe,GAC1B,SAAS,YAAY,EACrB,UAAS,kBAAuB;;gBA0BP,OAAO,CAAC,IAAI,CAAC;EAiEvC,CAAC"}
+{"version":3,"file":"node.d.ts","sourceRoot":"","sources":["../../src/adapters/node.ts"],"names":[],"mappings":"AAAA,OAAO,EAAgB,KAAK,eAAe,EAAE,KAAK,cAAc,EAAE,MAAM,MAAM,CAAC;AAG/E,OAAO,KAAK,EAEV,YAAY,EAGZ,kBAAkB,EACnB,MAAM,aAAa,CAAC;AAmHrB,eAAO,MAAM,iBAAiB,GAC5B,SAAS,YAAY,EACrB,UAAS,kBAAuB,MAKlB,KAAK,eAAe,EAAE,KAAK,cAAc,kBAmCxD,CAAC;AAEF,eAAO,MAAM,eAAe,GAC1B,SAAS,YAAY,EACrB,UAAS,kBAAuB;;gBA0BP,OAAO,CAAC,IAAI,CAAC;EAiEvC,CAAC"}

package/dist/adapters/node.js

@@ -1,9 +1,9 @@
 import { createServer } from "http";
 import { once } from "node:events";
 import { normalizeHeaders, parseQueryParams, parseRequestBody, serializeResponseBody, } from "./utils.js";
-const DEFAULT_REQUEST_TIMEOUT = 30000; // 30 seconds
-const DEFAULT_BODY_LIMIT = 1048576; // 1 MB
-const DEFAULT_GRACEFUL_SHUTDOWN_TIMEOUT = 10000; // 10 seconds
+const DEFAULT_REQUEST_TIMEOUT = 30_000; // 30 seconds
+const DEFAULT_BODY_LIMIT = 1_048_576; // 1 MB
+const DEFAULT_GRACEFUL_SHUTDOWN_TIMEOUT = 10_000; // 10 seconds
 const readRequestBody = async (req, bodyLimit) => {
     const chunks = [];
     let totalLength = 0;
@@ -11,8 +11,6 @@ const readRequestBody = async (req, bodyLimit) => {
         const buf = Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk);
         totalLength += buf.length;
         if (bodyLimit > 0 && totalLength > bodyLimit) {
-            // Destroy the stream to stop reading
-            req.destroy();
             const error = new Error("Request body too large");
             error.code = "PAYLOAD_TOO_LARGE";
             throw error;

package/dist/adapters/standalone.d.ts

@@ -0,0 +1,41 @@
+import type { FetchHandler, HypeQueryAPI, ServeHandler, StartServerOptions, ServeStartResult } from "../types.js";
+type HandlerSource = HypeQueryAPI<any, any, any> | {
+    handler: ServeHandler;
+};
+/**
+ * Start a standalone HTTP server from a HypeQueryAPI.
+ *
+ * @example
+ * ```ts
+ * const api = createAPI({ queries: { ... } });
+ * const { stop } = await startServer(api, { port: 3000 });
+ * ```
+ */
+export declare const startServer: (api: HandlerSource, options?: StartServerOptions) => Promise<ServeStartResult>;
+/**
+ * @deprecated Use startServer(api, options) instead.
+ */
+export declare const serve: (api: HandlerSource, options?: StartServerOptions) => Promise<ServeStartResult>;
+/**
+ * Create a Node.js HTTP handler (req, res) from a HypeQueryAPI.
+ *
+ * @example
+ * ```ts
+ * const api = createAPI({ queries: { ... } });
+ * app.use('/analytics', toNodeHandler(api));
+ * ```
+ */
+export declare const toNodeHandler: (api: HandlerSource) => (req: import("http").IncomingMessage, res: import("http").ServerResponse) => Promise<void>;
+/**
+ * Create a Fetch API handler from a HypeQueryAPI.
+ * Works with Cloudflare Workers, Deno, Bun, Vercel Edge, etc.
+ *
+ * @example
+ * ```ts
+ * const api = createAPI({ queries: { ... } });
+ * export default toFetchHandler(api);
+ * ```
+ */
+export declare const toFetchHandler: (api: HandlerSource) => FetchHandler;
+export {};
+//# sourceMappingURL=standalone.d.ts.map

package/dist/adapters/standalone.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"standalone.d.ts","sourceRoot":"","sources":["../../src/adapters/standalone.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,YAAY,EACZ,YAAY,EACZ,YAAY,EACZ,kBAAkB,EAClB,gBAAgB,EACjB,MAAM,aAAa,CAAC;AAIrB,KAAK,aAAa,GAAG,YAAY,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG;IAAE,OAAO,EAAE,YAAY,CAAA;CAAE,CAAC;AAM7E;;;;;;;;GAQG;AACH,eAAO,MAAM,WAAW,GACtB,KAAK,aAAa,EAClB,UAAU,kBAAkB,KAC3B,OAAO,CAAC,gBAAgB,CAE1B,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,KAAK,QATX,aAAa,YACR,kBAAkB,KAC3B,OAAO,CAAC,gBAAgB,CAOK,CAAC;AAEjC;;;;;;;;GAQG;AACH,eAAO,MAAM,aAAa,GAAI,KAAK,aAAa,+FAE/C,CAAC;AAEF;;;;;;;;;GASG;AACH,eAAO,MAAM,cAAc,GAAI,KAAK,aAAa,KAAG,YAEnD,CAAC"}

package/dist/adapters/standalone.js

@@ -0,0 +1,46 @@
+import { createNodeHandler, startNodeServer } from "./node.js";
+import { createFetchHandler } from "./fetch.js";
+const extractHandler = (source) => {
+    return source.handler;
+};
+/**
+ * Start a standalone HTTP server from a HypeQueryAPI.
+ *
+ * @example
+ * ```ts
+ * const api = createAPI({ queries: { ... } });
+ * const { stop } = await startServer(api, { port: 3000 });
+ * ```
+ */
+export const startServer = async (api, options) => {
+    return startNodeServer(extractHandler(api), options);
+};
+/**
+ * @deprecated Use startServer(api, options) instead.
+ */
+export const serve = startServer;
+/**
+ * Create a Node.js HTTP handler (req, res) from a HypeQueryAPI.
+ *
+ * @example
+ * ```ts
+ * const api = createAPI({ queries: { ... } });
+ * app.use('/analytics', toNodeHandler(api));
+ * ```
+ */
+export const toNodeHandler = (api) => {
+    return createNodeHandler(extractHandler(api));
+};
+/**
+ * Create a Fetch API handler from a HypeQueryAPI.
+ * Works with Cloudflare Workers, Deno, Bun, Vercel Edge, etc.
+ *
+ * @example
+ * ```ts
+ * const api = createAPI({ queries: { ... } });
+ * export default toFetchHandler(api);
+ * ```
+ */
+export const toFetchHandler = (api) => {
+    return createFetchHandler(extractHandler(api));
+};

package/dist/auth.d.ts

@@ -1,4 +1,5 @@
-import type { AuthContext, AuthContextWithRoles, AuthContextWithScopes, AuthStrategy, AuthErrorInfo, ServeMiddleware, ServeRequest } from "./types.js";
+import type { AuthContext, AuthContextWithRoles, AuthContextWithScopes, AuthStrategy, AuthStrategyContext, AuthErrorInfo, ServeRequest } from "./types.js";
+import { type JWTPayload } from "jose";
 /**
  * Safely read a header from a ServeRequest with case-insensitive
  * and array-safe normalization.
@@ -30,6 +31,54 @@ export interface BearerTokenStrategyOptions<TAuth extends AuthContext = AuthCont
     validate: (token: string, request: ServeRequest) => Promise<TAuth | null> | TAuth | null;
 }
 export declare const createBearerTokenStrategy: <TAuth extends AuthContext = AuthContext>(options: BearerTokenStrategyOptions<TAuth>) => AuthStrategy<TAuth>;
+export declare const fromContext: <TAuth extends AuthContext = AuthContext>(extract: (context: AuthStrategyContext) => Promise<TAuth | null> | TAuth | null) => AuthStrategy<TAuth>;
+interface BaseJwtStrategyOptions<TAuth extends AuthContext = AuthContext> {
+    /** Expected token issuer(s). */
+    issuer?: string | string[];
+    /** Expected audience(s). */
+    audience?: string | string[];
+    /** Allowed signature algorithms. Defaults to `['HS256']` for secrets and `['RS256']` for JWKS. */
+    algorithms?: string[];
+    /** Header carrying the token. @default "authorization" */
+    header?: string;
+    /** Token prefix. @default "Bearer " */
+    prefix?: string;
+    /** When true, a missing token resolves to `null` instead of throwing. */
+    optional?: boolean;
+    /**
+     * Maps verified JWT claims to your auth context. Defaults to mapping
+     * `sub`→`userId`, `org_id`→`tenantId`, `roles`→`roles`, and
+     * `scope`/`scopes`→`scopes`.
+     */
+    mapClaims?: (payload: JWTPayload, request: ServeRequest) => TAuth | null | Promise<TAuth | null>;
+}
+export interface SecretJwtStrategyOptions<TAuth extends AuthContext = AuthContext> extends BaseJwtStrategyOptions<TAuth> {
+    /** Shared secret for symmetric JWT verification. Defaults algorithms to `['HS256']`. */
+    secret: string | Uint8Array;
+    jwksUri?: never;
+}
+export interface JwksJwtStrategyOptions<TAuth extends AuthContext = AuthContext> extends BaseJwtStrategyOptions<TAuth> {
+    /** Remote JWKS endpoint for asymmetric JWT verification. Defaults algorithms to `['RS256']`. */
+    jwksUri: string;
+    secret?: never;
+}
+export type JwtStrategyOptions<TAuth extends AuthContext = AuthContext> = SecretJwtStrategyOptions<TAuth> | JwksJwtStrategyOptions<TAuth>;
+type JwtStrategyOptionsWithMapper<TAuth extends AuthContext> = JwtStrategyOptions<TAuth> & {
+    mapClaims: (payload: JWTPayload, request: ServeRequest) => TAuth | null | Promise<TAuth | null>;
+};
+export declare function createJwtStrategy(options: JwtStrategyOptions<AuthContext>): AuthStrategy<AuthContext>;
+export declare function createJwtStrategy<TAuth extends AuthContext>(options: JwtStrategyOptionsWithMapper<TAuth>): AuthStrategy<TAuth>;
+export interface AnalyticsTokenIssuerOptions {
+    secret: string | Uint8Array;
+    expiresIn?: string;
+    issuer?: string;
+    audience?: string;
+    algorithm?: "HS256" | "HS384" | "HS512";
+}
+export type AnalyticsTokenClaims = Pick<AuthContext, "tenantId" | "roles"> & {
+    userId: string;
+};
+export declare const createAnalyticsTokenIssuer: (options: AnalyticsTokenIssuerOptions) => (claims: AnalyticsTokenClaims) => Promise<string>;
 /**
  * Result of an authorization check.
  * Returns { ok: true } if authorization succeeds, or { ok: false, missing } with details.
@@ -73,42 +122,6 @@ export declare const checkRoleAuthorization: (auth: AuthContext | null, required
  * ```
  */
 export declare const checkScopeAuthorization: (auth: AuthContext | null, requiredScopes: string[]) => AuthorizationResult;
-/**
- * Middleware that requires the user to be authenticated.
- * Returns 401 if no auth context is present.
- *
- * @deprecated Use `query.requireAuth()` instead for per-endpoint authentication.
- *             This middleware is kept for complex use cases where guards aren't suitable.
- *             See: https://hypequery.com/docs/authentication#middleware-helpers
- *
- * Use this as a global middleware via `api.use(requireAuthMiddleware())`.
- * For per-query guards, prefer `query.requireAuth()`.
- */
-export declare const requireAuthMiddleware: <TContext extends Record<string, unknown> = Record<string, unknown>, TAuth extends AuthContext = AuthContext>() => ServeMiddleware<any, any, TContext, TAuth>;
-/**
- * Middleware that requires the user to have at least one of the specified roles.
- * Returns 403 if the user lacks the required role.
- *
- * @deprecated Use `query.requireRole(...)` instead for per-endpoint authorization.
- *             This middleware is kept for complex use cases where guards aren't suitable.
- *             See: https://hypequery.com/docs/authentication#middleware-helpers
- *
- * Use this as a global or per-query middleware via `api.use(requireRoleMiddleware('admin'))`.
- * For per-query guards, prefer `query.requireRole('admin')`.
- */
-export declare const requireRoleMiddleware: <TContext extends Record<string, unknown> = Record<string, unknown>, TAuth extends AuthContext = AuthContext>(...roles: string[]) => ServeMiddleware<any, any, TContext, TAuth>;
-/**
- * Middleware that requires the user to have all of the specified scopes.
- * Returns 403 if the user lacks a required scope.
- *
- * @deprecated Use `query.requireScope(...)` instead for per-endpoint authorization.
- *             This middleware is kept for complex use cases where guards aren't suitable.
- *             See: https://hypequery.com/docs/authentication#middleware-helpers
- *
- * Use this as a global or per-query middleware via `api.use(requireScopeMiddleware('read:metrics'))`.
- * For per-query guards, prefer `query.requireScope('read:metrics')`.
- */
-export declare const requireScopeMiddleware: <TContext extends Record<string, unknown> = Record<string, unknown>, TAuth extends AuthContext = AuthContext>(...scopes: string[]) => ServeMiddleware<any, any, TContext, TAuth>;
 /**
  * Configuration options for creating a typed auth system.
  * Enables compile-time safety for roles and scopes.
@@ -139,6 +152,12 @@ export type TypedAuthContext<TRoles extends string, TScopes extends string> = Au
 /**
  * Creates a typed auth system with compile-time role and scope safety.
  *
+ * @deprecated Prefer typing your auth context directly and passing it to
+ *             `initServe<TContext, TAuth>(...)`. Define roles/scopes as a
+ *             union on your auth type and use `query.requireRole(...)` /
+ *             `query.requireScope(...)` guards. This helper is kept for
+ *             backwards compatibility and will be removed in a future release.
+ *
  * This helper provides:
  * - Type-safe auth context (combines AuthContextWithRoles and AuthContextWithScopes)
  * - A `useAuth` wrapper for auth strategies
@@ -155,67 +174,24 @@ export type TypedAuthContext<TRoles extends string, TScopes extends string> = Au
  * });
  *
  * // Extract the typed auth type for use with initServe
- * type AppAuth = TypedAuth;
+ * type AppAuth = typeof TypedAuth;
  *
  * const { query, serve } = initServe<Record<string, never>, AppAuth>({
  *   auth: useAuth(jwtStrategy),
  * });
- *
- * const adminOnly = query({
- *   requiredRoles: ['admin'],
- *   query: async () => {
- *     // ✅ TypeScript autocomplete for 'admin'
- *     // ❌ Compile error on typo like 'admn'
- *     return { secret: true };
- *   },
- * });
- *
- * const writeData = query({
- *   requiredScopes: ['write:metrics'],
- *   query: async () => {
- *     // ✅ TypeScript autocomplete for 'write:metrics'
- *     return { success: true };
- *   },
- * });
- *
- * const api = serve({
- *   queries: { adminOnly, writeData },
- * });
  * ```
  */
 export declare const createAuthSystem: <TRoles extends string = string, TScopes extends string = string>() => {
     /**
      * Type-safe wrapper for auth strategies.
      * Ensures the strategy returns auth context with the correct role/scope types.
-     *
-     * @example
-     * ```ts
-     * const jwtStrategy: AuthStrategy<AppAuth> = async ({ request }) => {
-     *   const token = request.headers.authorization?.slice(7);
-     *   const payload = await verifyJwt(token);
-     *   return {
-     *     userId: payload.sub,
-     *     roles: payload.roles, // ✅ Type-checked against ['admin', 'editor', 'viewer']
-     *     scopes: payload.scopes, // ✅ Type-checked against ['read:metrics', 'write:metrics']
-     *   };
-     * };
-     *
-     * const api = defineServe<AppAuth>({
-     *   auth: useAuth(jwtStrategy),
-     *   // ...
-     * });
-     * ```
      */
     useAuth: <TAuth extends AuthContext>(strategy: AuthStrategy<TAuth>) => AuthStrategy<TAuth>;
     /**
      * The combined typed auth context type.
-     * Use this to type your defineServe generic parameter.
-     *
-     * @example
-     * ```ts
-     * type AppAuth = typeof TypedAuth;
-     * ```
+     * Use this to type your initServe generic parameter.
      */
     TypedAuth: TypedAuthContext<TRoles, TScopes>;
 };
+export {};
 //# sourceMappingURL=auth.d.ts.map

package/dist/auth.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,WAAW,EACX,oBAAoB,EACpB,qBAAqB,EACrB,YAAY,EACZ,aAAa,EACb,eAAe,EACf,YAAY,EACb,MAAM,YAAY,CAAC;AAWpB;;;GAGG;AACH,eAAO,MAAM,SAAS,GAAI,SAAS,YAAY,EAAE,MAAM,MAAM,KAAG,MAAM,GAAG,SAexE,CAAC;AAEF,qBAAa,SAAU,SAAQ,KAAM,YAAW,aAAa;IAC3D,MAAM,EAAE,aAAa,CAAC,QAAQ,CAAC,CAAC;IAChC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;gBAEtB,MAAM,EAAE,aAAa,CAAC,QAAQ,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;CAMhG;AAED,MAAM,WAAW,iBAAiB,CAAC,KAAK,SAAS,WAAW,GAAG,WAAW;IACxE,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,QAAQ,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,YAAY,KAAK,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC,GAAG,KAAK,GAAG,IAAI,CAAC;CACxF;AAED;;GAEG;AACH,eAAO,MAAM,UAAU,GAAI,KAAK,SAAS,WAAW,GAAG,WAAW,EAChE,SAAS,iBAAiB,CAAC,KAAK,CAAC,KAChC,YAAY,CAAC,KAAK,CAiBpB,CAAC;AAEF,MAAM,WAAW,qBAAqB,CAAC,KAAK,SAAS,WAAW,GAAG,WAAW;IAC5E,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,YAAY,KAAK,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC,GAAG,KAAK,GAAG,IAAI,CAAC;CACxF;AAED,eAAO,MAAM,oBAAoB,GAAI,KAAK,SAAS,WAAW,GAAG,WAAW,EAC1E,SAAS,qBAAqB,CAAC,KAAK,CAAC,KACpC,YAAY,CAAC,KAAK,CA0BpB,CAAC;AAEF,MAAM,WAAW,0BAA0B,CAAC,KAAK,SAAS,WAAW,GAAG,WAAW;IACjF,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,YAAY,KAAK,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC,GAAG,KAAK,GAAG,IAAI,CAAC;CAC1F;AAED,eAAO,MAAM,yBAAyB,GAAI,KAAK,SAAS,WAAW,GAAG,WAAW,EAC/E,SAAS,0BAA0B,CAAC,KAAK,CAAC,KACzC,YAAY,CAAC,KAAK,CAepB,CAAC;AAEF;;;GAGG;AACH,MAAM,MAAM,mBAAmB,GAC3B;IAAE,EAAE,EAAE,IAAI,CAAA;CAAE,GACZ;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,OAAO,EAAE,MAAM,EAAE,CAAC;IAAC,MAAM,EAAE,cAAc,GAAG,eAAe,CAAA;CAAE,CAAC;AAE/E;;;;;;;;;;;;;;GAcG;AACH,eAAO,MAAM,sBAAsB,GACjC,MAAM,WAAW,GAAG,IAAI,EACxB,eAAe,MAAM,EAAE,KACtB,mBAWF,CAAC;AAEF;;;;;;;;;;;;;;GAcG;AACH,eAAO,MAAM,uBAAuB,GAClC,MAAM,WAAW,GAAG,IAAI,EACxB,gBAAgB,MAAM,EAAE,KACvB,mBAWF,CAAC;AAEF;;;;;;;;;;GAUG;AACH,eAAO,MAAM,qBAAqB,GAChC,QAAQ,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAClE,KAAK,SAAS,WAAW,GAAG,WAAW,OACpC,eAAe,CAAC,GAAG,EAAE,GAAG,EAAE,QAAQ,EAAE,KAAK,CAS3C,CAAC;AAEJ;;;;;;;;;;GAUG;AACH,eAAO,MAAM,qBAAqB,GAChC,QAAQ,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAClE,KAAK,SAAS,WAAW,GAAG,WAAW,EAEvC,GAAG,OAAO,MAAM,EAAE,KACjB,eAAe,CAAC,GAAG,EAAE,GAAG,EAAE,QAAQ,EAAE,KAAK,CAUzC,CAAC;AAEJ;;;;;;;;;;GAUG;AACH,eAAO,MAAM,sBAAsB,GACjC,QAAQ,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAClE,KAAK,SAAS,WAAW,GAAG,WAAW,EAEvC,GAAG,QAAQ,MAAM,EAAE,KAClB,eAAe,CAAC,GAAG,EAAE,GAAG,EAAE,QAAQ,EAAE,KAAK,CAUzC,CAAC;AAEJ;;;GAGG;AACH,MAAM,WAAW,uBAAuB,CACtC,MAAM,SAAS,MAAM,GAAG,MAAM,EAC9B,OAAO,SAAS,MAAM,GAAG,MAAM;IAE/B;;;;;;OAMG;IACH,KAAK,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAE1B;;;;;;OAMG;IACH,MAAM,CAAC,EAAE,SAAS,OAAO,EAAE,CAAC;CAC7B;AAED;;;GAGG;AACH,MAAM,MAAM,gBAAgB,CAC1B,MAAM,SAAS,MAAM,EACrB,OAAO,SAAS,MAAM,IACpB,oBAAoB,CAAC,MAAM,CAAC,GAAG,qBAAqB,CAAC,OAAO,CAAC,CAAC;AAElE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8CG;AACH,eAAO,MAAM,gBAAgB,GAC3B,MAAM,SAAS,MAAM,GAAG,MAAM,EAC9B,OAAO,SAAS,MAAM,GAAG,MAAM;IAG7B;;;;;;;;;;;;;;;;;;;;;OAqBG;cACO,KAAK,SAAS,WAAW,YACvB,YAAY,CAAC,KAAK,CAAC,KAC5B,YAAY,CAAC,KAAK,CAAC;IAEtB;;;;;;;;OAQG;eAC2B,gBAAgB,CAAC,MAAM,EAAE,OAAO,CAAC;CAElE,CAAC"}
+{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,WAAW,EACX,oBAAoB,EACpB,qBAAqB,EACrB,YAAY,EACZ,mBAAmB,EACnB,aAAa,EACb,YAAY,EACb,MAAM,YAAY,CAAC;AACpB,OAAO,EAIL,KAAK,UAAU,EAChB,MAAM,MAAM,CAAC;AAWd;;;GAGG;AACH,eAAO,MAAM,SAAS,GAAI,SAAS,YAAY,EAAE,MAAM,MAAM,KAAG,MAAM,GAAG,SAexE,CAAC;AAEF,qBAAa,SAAU,SAAQ,KAAM,YAAW,aAAa;IAC3D,MAAM,EAAE,aAAa,CAAC,QAAQ,CAAC,CAAC;IAChC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;gBAEtB,MAAM,EAAE,aAAa,CAAC,QAAQ,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;CAMhG;AAED,MAAM,WAAW,iBAAiB,CAAC,KAAK,SAAS,WAAW,GAAG,WAAW;IACxE,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,QAAQ,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,YAAY,KAAK,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC,GAAG,KAAK,GAAG,IAAI,CAAC;CACxF;AAED;;GAEG;AACH,eAAO,MAAM,UAAU,GAAI,KAAK,SAAS,WAAW,GAAG,WAAW,EAChE,SAAS,iBAAiB,CAAC,KAAK,CAAC,KAChC,YAAY,CAAC,KAAK,CAiBpB,CAAC;AAEF,MAAM,WAAW,qBAAqB,CAAC,KAAK,SAAS,WAAW,GAAG,WAAW;IAC5E,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,YAAY,KAAK,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC,GAAG,KAAK,GAAG,IAAI,CAAC;CACxF;AAED,eAAO,MAAM,oBAAoB,GAAI,KAAK,SAAS,WAAW,GAAG,WAAW,EAC1E,SAAS,qBAAqB,CAAC,KAAK,CAAC,KACpC,YAAY,CAAC,KAAK,CA0BpB,CAAC;AAEF,MAAM,WAAW,0BAA0B,CAAC,KAAK,SAAS,WAAW,GAAG,WAAW;IACjF,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,YAAY,KAAK,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC,GAAG,KAAK,GAAG,IAAI,CAAC;CAC1F;AAED,eAAO,MAAM,yBAAyB,GAAI,KAAK,SAAS,WAAW,GAAG,WAAW,EAC/E,SAAS,0BAA0B,CAAC,KAAK,CAAC,KACzC,YAAY,CAAC,KAAK,CAepB,CAAC;AAEF,eAAO,MAAM,WAAW,GAAI,KAAK,SAAS,WAAW,GAAG,WAAW,EACjE,SAAS,CAAC,OAAO,EAAE,mBAAmB,KAAK,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC,GAAG,KAAK,GAAG,IAAI,KAC9E,YAAY,CAAC,KAAK,CAAwC,CAAC;AAE9D,UAAU,sBAAsB,CAAC,KAAK,SAAS,WAAW,GAAG,WAAW;IACtE,gCAAgC;IAChC,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC3B,4BAA4B;IAC5B,QAAQ,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC7B,kGAAkG;IAClG,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,0DAA0D;IAC1D,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,uCAAuC;IACvC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,yEAAyE;IACzE,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB;;;;OAIG;IACH,SAAS,CAAC,EAAE,CACV,OAAO,EAAE,UAAU,EACnB,OAAO,EAAE,YAAY,KAClB,KAAK,GAAG,IAAI,GAAG,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC,CAAC;CAC3C;AAED,MAAM,WAAW,wBAAwB,CAAC,KAAK,SAAS,WAAW,GAAG,WAAW,CAC/E,SAAQ,sBAAsB,CAAC,KAAK,CAAC;IACrC,wFAAwF;IACxF,MAAM,EAAE,MAAM,GAAG,UAAU,CAAC;IAC5B,OAAO,CAAC,EAAE,KAAK,CAAC;CACjB;AAED,MAAM,WAAW,sBAAsB,CAAC,KAAK,SAAS,WAAW,GAAG,WAAW,CAC7E,SAAQ,sBAAsB,CAAC,KAAK,CAAC;IACrC,gGAAgG;IAChG,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,KAAK,CAAC;CAChB;AAED,MAAM,MAAM,kBAAkB,CAAC,KAAK,SAAS,WAAW,GAAG,WAAW,IAClE,wBAAwB,CAAC,KAAK,CAAC,GAC/B,sBAAsB,CAAC,KAAK,CAAC,CAAC;AAElC,KAAK,4BAA4B,CAAC,KAAK,SAAS,WAAW,IACzD,kBAAkB,CAAC,KAAK,CAAC,GAAG;IAC1B,SAAS,EAAE,CACT,OAAO,EAAE,UAAU,EACnB,OAAO,EAAE,YAAY,KAClB,KAAK,GAAG,IAAI,GAAG,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC,CAAC;CAC3C,CAAC;AA8DJ,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,kBAAkB,CAAC,WAAW,CAAC,GAAG,YAAY,CAAC,WAAW,CAAC,CAAC;AACvG,wBAAgB,iBAAiB,CAAC,KAAK,SAAS,WAAW,EACzD,OAAO,EAAE,4BAA4B,CAAC,KAAK,CAAC,GAC3C,YAAY,CAAC,KAAK,CAAC,CAAC;AA+DvB,MAAM,WAAW,2BAA2B;IAC1C,MAAM,EAAE,MAAM,GAAG,UAAU,CAAC;IAC5B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,OAAO,GAAG,OAAO,GAAG,OAAO,CAAC;CACzC;AAED,MAAM,MAAM,oBAAoB,GAAG,IAAI,CAAC,WAAW,EAAE,UAAU,GAAG,OAAO,CAAC,GAAG;IAC3E,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC;AAEF,eAAO,MAAM,0BAA0B,GAAI,SAAS,2BAA2B,MAI/D,QAAQ,oBAAoB,oBAe3C,CAAC;AAEF;;;GAGG;AACH,MAAM,MAAM,mBAAmB,GAC3B;IAAE,EAAE,EAAE,IAAI,CAAA;CAAE,GACZ;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,OAAO,EAAE,MAAM,EAAE,CAAC;IAAC,MAAM,EAAE,cAAc,GAAG,eAAe,CAAA;CAAE,CAAC;AAE/E;;;;;;;;;;;;;;GAcG;AACH,eAAO,MAAM,sBAAsB,GACjC,MAAM,WAAW,GAAG,IAAI,EACxB,eAAe,MAAM,EAAE,KACtB,mBAWF,CAAC;AAEF;;;;;;;;;;;;;;GAcG;AACH,eAAO,MAAM,uBAAuB,GAClC,MAAM,WAAW,GAAG,IAAI,EACxB,gBAAgB,MAAM,EAAE,KACvB,mBAWF,CAAC;AAEF;;;GAGG;AACH,MAAM,WAAW,uBAAuB,CACtC,MAAM,SAAS,MAAM,GAAG,MAAM,EAC9B,OAAO,SAAS,MAAM,GAAG,MAAM;IAE/B;;;;;;OAMG;IACH,KAAK,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAE1B;;;;;;OAMG;IACH,MAAM,CAAC,EAAE,SAAS,OAAO,EAAE,CAAC;CAC7B;AAED;;;GAGG;AACH,MAAM,MAAM,gBAAgB,CAC1B,MAAM,SAAS,MAAM,EACrB,OAAO,SAAS,MAAM,IACpB,oBAAoB,CAAC,MAAM,CAAC,GAAG,qBAAqB,CAAC,OAAO,CAAC,CAAC;AAElE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AACH,eAAO,MAAM,gBAAgB,GAC3B,MAAM,SAAS,MAAM,GAAG,MAAM,EAC9B,OAAO,SAAS,MAAM,GAAG,MAAM;IAG7B;;;OAGG;cACO,KAAK,SAAS,WAAW,YACvB,YAAY,CAAC,KAAK,CAAC,KAC5B,YAAY,CAAC,KAAK,CAAC;IAEtB;;;OAGG;eAC2B,gBAAgB,CAAC,MAAM,EAAE,OAAO,CAAC;CAElE,CAAC"}

package/dist/auth.js

@@ -1,3 +1,4 @@
+import { SignJWT, createRemoteJWKSet, jwtVerify, } from "jose";
 const resolveHeaderValue = (value) => {
     if (Array.isArray(value)) {
         const first = value.find((item) => typeof item === "string");
@@ -28,6 +29,8 @@ export const getHeader = (request, name) => {
     return trimmed.length > 0 ? trimmed : undefined;
 };
 export class AuthError extends Error {
+    reason;
+    details;
     constructor(reason, message, details) {
         super(message);
         this.name = "AuthError";
@@ -92,6 +95,131 @@ export const createBearerTokenStrategy = (options) => {
         return options.validate(token, request);
     };
 };
+export const fromContext = (extract) => async (context) => extract(context);
+const defaultJwtClaimMapper = (payload) => {
+    const scopeClaim = payload.scope ?? payload.scopes;
+    const scopes = typeof scopeClaim === "string"
+        ? scopeClaim.split(" ").filter(Boolean)
+        : Array.isArray(scopeClaim)
+            ? scopeClaim.filter((scope) => typeof scope === "string")
+            : undefined;
+    const roles = Array.isArray(payload.roles)
+        ? payload.roles.filter((role) => typeof role === "string")
+        : undefined;
+    return {
+        userId: typeof payload.sub === "string" ? payload.sub : undefined,
+        tenantId: typeof payload.org_id === "string" ? payload.org_id : undefined,
+        roles,
+        scopes,
+        metadata: payload,
+    };
+};
+/**
+ * Verifies JWT bearer tokens with either a shared secret (HS256 by default) or
+ * a remote JWKS (RS256 by default). Use shared secrets when you mint the token
+ * yourself, and JWKS when a provider such as Auth0, Clerk, or Cognito mints it.
+ *
+ * @example
+ * ```ts
+ * const api = createAPI({
+ *   auth: createJwtStrategy({
+ *     jwksUri: 'https://example.auth0.com/.well-known/jwks.json',
+ *     issuer: 'https://example.auth0.com/',
+ *     audience: 'https://api.example.com',
+ *   }),
+ *   queries: { ... },
+ * });
+ * ```
+ */
+const resolveSecretKey = (secret, helperName) => {
+    if (typeof secret === "string") {
+        if (secret.length === 0) {
+            throw new Error(`${helperName}: \`secret\` must not be empty.`);
+        }
+        return new TextEncoder().encode(secret);
+    }
+    if (secret.byteLength === 0) {
+        throw new Error(`${helperName}: \`secret\` must not be empty.`);
+    }
+    return secret;
+};
+const isSecretJwtOptions = (options) => "secret" in options && options.secret != null;
+const isJwksJwtOptions = (options) => "jwksUri" in options && options.jwksUri != null;
+export function createJwtStrategy(options) {
+    const hasSecret = isSecretJwtOptions(options);
+    const hasJwksUri = isJwksJwtOptions(options);
+    if (hasSecret === hasJwksUri) {
+        throw new Error("createJwtStrategy: provide exactly one of `secret` or `jwksUri`.");
+    }
+    const headerName = options.header ?? "authorization";
+    const prefix = options.prefix ?? "Bearer ";
+    const mapClaims = options.mapClaims
+        ?? defaultJwtClaimMapper;
+    let verify;
+    if (hasSecret) {
+        const key = resolveSecretKey(options.secret, "createJwtStrategy");
+        verify = (token) => jwtVerify(token, key, {
+            issuer: options.issuer,
+            audience: options.audience,
+            algorithms: options.algorithms ?? ["HS256"],
+        });
+    }
+    else {
+        if (options.jwksUri.trim().length === 0) {
+            throw new Error("createJwtStrategy: `jwksUri` must not be empty.");
+        }
+        const jwks = createRemoteJWKSet(new URL(options.jwksUri));
+        verify = (token) => jwtVerify(token, jwks, {
+            issuer: options.issuer,
+            audience: options.audience,
+            algorithms: options.algorithms ?? ["RS256"],
+        });
+    }
+    return async ({ request }) => {
+        const raw = getHeader(request, headerName);
+        if (typeof raw !== "string" || !raw.startsWith(prefix)) {
+            if (options.optional)
+                return null;
+            throw new AuthError("MISSING", `Missing bearer token in "${headerName}" header`, { header: headerName });
+        }
+        const token = raw.slice(prefix.length).trim();
+        if (!token) {
+            if (options.optional)
+                return null;
+            throw new AuthError("MISSING", `Empty bearer token in "${headerName}" header`, { header: headerName });
+        }
+        let payload;
+        try {
+            const verified = await verify(token);
+            payload = verified.payload;
+        }
+        catch (error) {
+            throw new AuthError("INVALID", "JWT verification failed", {
+                reason: error instanceof Error ? error.message : String(error),
+            });
+        }
+        return mapClaims(payload, request);
+    };
+}
+export const createAnalyticsTokenIssuer = (options) => {
+    const key = resolveSecretKey(options.secret, "createAnalyticsTokenIssuer");
+    const algorithm = options.algorithm ?? "HS256";
+    return async (claims) => {
+        let jwt = new SignJWT({
+            ...(claims.tenantId ? { org_id: claims.tenantId } : {}),
+            ...(claims.roles ? { roles: claims.roles } : {}),
+        })
+            .setProtectedHeader({ alg: algorithm })
+            .setSubject(claims.userId)
+            .setIssuedAt()
+            .setExpirationTime(options.expiresIn ?? "15m");
+        if (options.issuer)
+            jwt = jwt.setIssuer(options.issuer);
+        if (options.audience)
+            jwt = jwt.setAudience(options.audience);
+        return jwt.sign(key);
+    };
+};
 /**
  * Check if the authenticated user has at least one of the required roles (OR semantics).
  *
@@ -146,65 +274,15 @@ export const checkScopeAuthorization = (auth, requiredScopes) => {
         ? { ok: true }
         : { ok: false, missing: requiredScopes, reason: 'MISSING_SCOPE' };
 };
-/**
- * Middleware that requires the user to be authenticated.
- * Returns 401 if no auth context is present.
- *
- * @deprecated Use `query.requireAuth()` instead for per-endpoint authentication.
- *             This middleware is kept for complex use cases where guards aren't suitable.
- *             See: https://hypequery.com/docs/authentication#middleware-helpers
- *
- * Use this as a global middleware via `api.use(requireAuthMiddleware())`.
- * For per-query guards, prefer `query.requireAuth()`.
- */
-export const requireAuthMiddleware = () => async (ctx, next) => {
-    if (!ctx.auth) {
-        throw Object.assign(new Error("Authentication required"), {
-            status: 401,
-            type: "UNAUTHORIZED",
-        });
-    }
-    return next();
-};
-/**
- * Middleware that requires the user to have at least one of the specified roles.
- * Returns 403 if the user lacks the required role.
- *
- * @deprecated Use `query.requireRole(...)` instead for per-endpoint authorization.
- *             This middleware is kept for complex use cases where guards aren't suitable.
- *             See: https://hypequery.com/docs/authentication#middleware-helpers
- *
- * Use this as a global or per-query middleware via `api.use(requireRoleMiddleware('admin'))`.
- * For per-query guards, prefer `query.requireRole('admin')`.
- */
-export const requireRoleMiddleware = (...roles) => async (ctx, next) => {
-    const result = checkRoleAuthorization(ctx.auth, roles);
-    if (!result.ok) {
-        throw Object.assign(new Error(`Missing required role. Required one of: ${roles.join(", ")}`), { status: 403, type: "FORBIDDEN" });
-    }
-    return next();
-};
-/**
- * Middleware that requires the user to have all of the specified scopes.
- * Returns 403 if the user lacks a required scope.
- *
- * @deprecated Use `query.requireScope(...)` instead for per-endpoint authorization.
- *             This middleware is kept for complex use cases where guards aren't suitable.
- *             See: https://hypequery.com/docs/authentication#middleware-helpers
- *
- * Use this as a global or per-query middleware via `api.use(requireScopeMiddleware('read:metrics'))`.
- * For per-query guards, prefer `query.requireScope('read:metrics')`.
- */
-export const requireScopeMiddleware = (...scopes) => async (ctx, next) => {
-    const result = checkScopeAuthorization(ctx.auth, scopes);
-    if (!result.ok) {
-        throw Object.assign(new Error(`Missing required scopes: ${result.missing.join(", ")}`), { status: 403, type: "FORBIDDEN" });
-    }
-    return next();
-};
 /**
  * Creates a typed auth system with compile-time role and scope safety.
  *
+ * @deprecated Prefer typing your auth context directly and passing it to
+ *             `initServe<TContext, TAuth>(...)`. Define roles/scopes as a
+ *             union on your auth type and use `query.requireRole(...)` /
+ *             `query.requireScope(...)` guards. This helper is kept for
+ *             backwards compatibility and will be removed in a future release.
+ *
  * This helper provides:
  * - Type-safe auth context (combines AuthContextWithRoles and AuthContextWithScopes)
  * - A `useAuth` wrapper for auth strategies
@@ -221,32 +299,11 @@ export const requireScopeMiddleware = (...scopes) => async (ctx, next) => {
  * });
  *
  * // Extract the typed auth type for use with initServe
- * type AppAuth = TypedAuth;
+ * type AppAuth = typeof TypedAuth;
  *
  * const { query, serve } = initServe<Record<string, never>, AppAuth>({
  *   auth: useAuth(jwtStrategy),
  * });
- *
- * const adminOnly = query({
- *   requiredRoles: ['admin'],
- *   query: async () => {
- *     // ✅ TypeScript autocomplete for 'admin'
- *     // ❌ Compile error on typo like 'admn'
- *     return { secret: true };
- *   },
- * });
- *
- * const writeData = query({
- *   requiredScopes: ['write:metrics'],
- *   query: async () => {
- *     // ✅ TypeScript autocomplete for 'write:metrics'
- *     return { success: true };
- *   },
- * });
- *
- * const api = serve({
- *   queries: { adminOnly, writeData },
- * });
  * ```
  */
 export const createAuthSystem = () => {
@@ -254,34 +311,11 @@ export const createAuthSystem = () => {
         /**
          * Type-safe wrapper for auth strategies.
          * Ensures the strategy returns auth context with the correct role/scope types.
-         *
-         * @example
-         * ```ts
-         * const jwtStrategy: AuthStrategy<AppAuth> = async ({ request }) => {
-         *   const token = request.headers.authorization?.slice(7);
-         *   const payload = await verifyJwt(token);
-         *   return {
-         *     userId: payload.sub,
-         *     roles: payload.roles, // ✅ Type-checked against ['admin', 'editor', 'viewer']
-         *     scopes: payload.scopes, // ✅ Type-checked against ['read:metrics', 'write:metrics']
-         *   };
-         * };
-         *
-         * const api = defineServe<AppAuth>({
-         *   auth: useAuth(jwtStrategy),
-         *   // ...
-         * });
-         * ```
          */
         useAuth: (strategy) => strategy,
         /**
          * The combined typed auth context type.
-         * Use this to type your defineServe generic parameter.
-         *
-         * @example
-         * ```ts
-         * type AppAuth = typeof TypedAuth;
-         * ```
+         * Use this to type your initServe generic parameter.
          */
         TypedAuth: null,
     };

package/dist/client-config.d.ts

@@ -4,6 +4,7 @@ import type { ServeBuilder, HttpMethod, AuthContext } from "./types.js";
  */
 export interface QueryClientConfig {
     method: HttpMethod;
+    path?: string;
 }
 /**
  * Map of query names to their client configurations
@@ -36,8 +37,8 @@ export declare function extractClientConfig<TQueries extends Record<string, any>
  *
  * @example
  * const config = defineClientConfig({
- *   hello: { method: 'GET' },
- *   createUser: { method: 'POST' },
+ *   hello: { method: 'GET', path: '/api/analytics/queries/hello' },
+ *   createUser: { method: 'POST', path: '/api/analytics/queries/createUser' },
  * });
  */
 export declare function defineClientConfig<T extends ApiClientConfig>(config: T): T;

package/dist/client-config.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"client-config.d.ts","sourceRoot":"","sources":["../src/client-config.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAExE;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,MAAM,EAAE,UAAU,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,MAAM,eAAe,GAAG,MAAM,CAAC,MAAM,EAAE,iBAAiB,CAAC,CAAC;AAEhE;;;;;;;;;;;;;;;;;;;GAmBG;AACH,wBAAgB,mBAAmB,CACjC,QAAQ,SAAS,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACpC,QAAQ,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACxC,KAAK,SAAS,WAAW,EACzB,GAAG,EAAE,YAAY,CAAC,QAAQ,EAAE,QAAQ,EAAE,KAAK,CAAC,GAAG,eAAe,CAoB/D;AAED;;;;;;;;;GASG;AACH,wBAAgB,kBAAkB,CAAC,CAAC,SAAS,eAAe,EAAE,MAAM,EAAE,CAAC,GAAG,CAAC,CAE1E"}
+{"version":3,"file":"client-config.d.ts","sourceRoot":"","sources":["../src/client-config.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAExE;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,MAAM,EAAE,UAAU,CAAC;IACnB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED;;GAEG;AACH,MAAM,MAAM,eAAe,GAAG,MAAM,CAAC,MAAM,EAAE,iBAAiB,CAAC,CAAC;AAEhE;;;;;;;;;;;;;;;;;;;GAmBG;AACH,wBAAgB,mBAAmB,CACjC,QAAQ,SAAS,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACpC,QAAQ,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACxC,KAAK,SAAS,WAAW,EACzB,GAAG,EAAE,YAAY,CAAC,QAAQ,EAAE,QAAQ,EAAE,KAAK,CAAC,GAAG,eAAe,CAsB/D;AAED;;;;;;;;;GASG;AACH,wBAAgB,kBAAkB,CAAC,CAAC,SAAS,eAAe,EAAE,MAAM,EAAE,CAAC,GAAG,CAAC,CAE1E"}